Sorcery Unmaintained - Looking for additional maintainers #350
Comments
|
I would be happy to help out. Not sure how much code contributions I could do, but at minimum, I'd like to help organize a V1 release project (like https://github.com/pay-rails/pay/projects/1) to understand the scope and what it will take to get to a V1. It'd be nice to know what is in scope and out of scope. Let me know if you're interested. :) |
|
Hi @joshbuker, I'd be happy to help review and merge a few PRs! |
|
@joshbuker I can help with sorcery support for new Rails and Ruby, bug fixes, etc. |
|
Thanks for the Mastodon ping, @dylhack; I haven't been getting GitHub notifications. @jonmchan, @Spone, @willnet, I think the best course of action would be to get the v1 rework finished or to create a migration guide for users to one of the other auth gems. Personally, I would prefer to see v1 completed, but I would need help doing that. Both project management to understand what remains to be done before release and additional folks to help with the test suite would be greatly appreciated. Because v1 will eliminate entire classes of issues (e.g., switching to Omniauth will eliminate the need to maintain provider implementations for OAuth), I don't think spending time trying to get v0 up-to-date with the latest Rails would make sense. |
|
@joshbuker do you have a list of items to start with? If you have that and give me access to start a project for this repo, I can start populating a board for it. Might be good to have a kickoff meeting with everyone interested in being involved. We could see what resources we have and make rough estimates on a v1 release timeline based off of everyone's availability. We could have bi-weekly or monthly check-ins to make sure the v1 release stays on schedule. With rails 7 out for a good amount of time now, I think support for that is necessary to keep this gem relevant. I would definitely be interested in seeing this gem stay current. :) |
|
@jonmchan Honestly, if we just took each file/test from the v0 test suite and made that into a card/task, that would probably be sufficient to push things to the finish line. Do some proper TDD. Check-ins would be helpful for accountability on my end, and help with motivation. Could also use it as an opportunity for new folks to ask questions and help too. Bi-weekly would work on my end. I've invited you to the GitHub org. If that doesn't give you access to the project management, let me know and I can find wherever that permission is hidden. |
|
Do you have a discord or some other real time chat? Might be useful to starting a community and some real time communication on project planning. Would love to put a general word out to all the different ruby groups to see if we can solicit support for the project. At 4.9M downloads, this gem has a lot of use and I am sure there are at least some people who use this who would be willing to donate time to keep the project alive and improve it. I will take a look at the files and put a few things down. Will let you know if I can access the project management section or not when I get a chance to try it. |
|
Is there a branch for v1 release yet? I think it would be good for us to see what is already done or where the state of things are in understanding how far we need to go. From the sounds of it, you have some code already written for v1? |
|
@jonmchan it's a separate repo: https://github.com/Sorcery/sorcery-rework |
|
I completed the spec/active_record folder, can you please check https://github.com/orgs/Sorcery/projects/3/views/1. Please verify this is the format that you want or if there is anything I need to tweak or change before I do the rests of the specs in the other folders. Thank you! |
|
@joshbuker Thank you for inviting me to the Sorcery organization. I might not have a lot of time to spare, but I plan to review Issues and PRs as much as I can. |
|
@joshbuker ping? I would like to complete the setup of the project and start building a release timeline - your input would be helpful. |
|
I just turned email notifications back on, so I should hopefully see comments sooner now. @jonmchan That format looks good! Could you use the project I created with some of my remaining tasks so that we can deduplicate them? https://github.com/orgs/Sorcery/projects/1/views/1 |
|
It's been years, and I think it's time for me to accept that I simply do not have the time to focus on Sorcery like I hoped. While I'll still help as I can, I'm marking Sorcery as unmaintained in the hopes that someone else will take up the mantle, or the community can at least move to alternative libraries with a similar ethos that are properly maintained. |
joshbuker
changed the title
|
@joshbuker I would like to try and maintain Sorcery and move it forward. I have used it for a long time and really enjoy its simplicity. Yes, Rails 8 will take care of more of this now, but since I'd probably adapt Rails 8 to my code using some of the code from Sorcery, I might was well attempt to build out Sorcery with Rails 8 improvements. I forked Sorcery and I've got all tests passing with a 7.2 and 8.0 gemfile. |
|
@Beartech definitely welcome to take it on. There's also some of the work I put into https://github.com/sorcery/sorcery-rework that might help. I've caught a nasty cold this week, but let's chat more on this soon. |
|
Thanks, hope the cold passes quick. As someone who lives in the great (dark) PNW all I can say is vitamin D3. Our current sunny weather not withstanding. LOL |
|
Any updates on this? For my team, even just a maintenance release for compatibility with Rails 7+ would be a lifesaver. |
|
@isaaclyman if you point out which PRs get the rails 7 support where it's needed, I can get a maintenance release shipped. Haven't heard any follow up from folks interested in becoming a maintainer, so I still recommend switching to alternatives if able. |
|
Yes, my PR has the testing matrix for Rails versions across compatible Ruby versions. I'm currently running an app on Rails 7.0 and Ruby 3.2.4 with no issues. I have also done a test upgrade of my app to 7.1, 7.2, 8.0 and all my tests are passing with all gems updated to their latest versions. As far as modules, I can confirm that timeout and third party auth with Microsoft 365 are working. |
|
I'm still interested in being a maintainer. Going to try to get my local Ruby group interested in helping, and maybe trying to work on a new version that would roll in Rails 8's new basic auth generator. Seems logical to develop some way to enhance the bare bones auth Rails 8 has added. |
|
I concur with @Beartech that the current released version of sorcery works with Rails 7.1. I only use a limited set of submodules - |
|
I've been using sorcery 0.17.0 with Rails 7.2 for a few days on production (and a couple weeks on staging) without issue. My application only uses the Thanks to all who are working towards a maintenance plan for sorcery! |
Unfortunately, I have not been able to dedicate much time to pushing Sorcery forward, and things like Rails 7 support, version 1 release, switching to Omniauth for SSO, Passkey support, etc, have fallen behind schedule by a factor of years.
I still plan on pushing these efforts forward, but to accelerate the process to a reasonable timeframe, it would be good to pull in additional maintainers for the project.
If you are interested in helping, please let me know via this issue or by working on issues/pull requests marked "help wanted."
The text was updated successfully, but these errors were encountered: